Onboard a Sumo Logic App to SSPM

1. Generate a Sumo Logic access key and copy its credentials.

   1. Identify the Sumo Logic account that you will use to generate the access key.

      Required Permissions: You must generate the access key from the account that is designated the Sumo Logic account owner. This is either the user who registered the account, or was later designated the account owner.
   2. Log in to Sumo Logic as the account owner.
   3. Navigate to your Sumo Logic preferences.

      To navigate to your preferences, locate your profile icon in the upper-right corner of the Sumo Logic page, and select <profile-icon> Preferences.
   4. Select the Personal Access Keys tab and Add Access Key.
   5. In the Add New Access Key window, specify a name for your access key. This name will appear in the list of your personal access keys, so give it a meaningful name, such as SSPM Integration.
   6. Under Scopes, select the Custom option.

      By default, the access key will inherit the permissions of the user who creates it. Because we are creating the key as the Account Owner, who has the highest level of administrative privileges, you should explicitly limit the access key's permissions to the minimum permissions that SSPM requires. Specify the following custom scopes:

      • Access Keys - View
      • Access Keys - Manage
      • Users And Roles - View
      • Users And Roles - Manage
      • Content admin
      • Manage Library
      • Run Log Search - View/Manage
      • View Collectors
      • View Security Settings
      • View Account Status
   7. Save your key.

      Sumo Logic generates the key and displays its credentials (Access ID and Access Key).
   8. Copy the Access ID and Access Key and paste them into a text file.

      Don’t continue to the next step unless you have copied the Access ID and Access Key. You will provide this information to SSPM during the onboarding process.
2. Identify your Sumo Logic endpoint region.

   Use the following table to determine your region based on your login URL.

   URL	Region
   api.au.sumologic.com	AU (Australia)
   api.ca.sumologic.com	CA (Canada)
   service.de.sumologic.com	DE Germany
   service.eu.sumologic.com	EU (European Union)
   service.fed.sumologic.com	FED (US Government)
   service.in.sumologic.com	IN (India)
   service.jp.sumologic.com	JP (Japan)
   service.sumologic.com	US1 (United States)
   service.us2.sumologic.com	US2 (United States)

3. Connect SSPM to your Sumo Logic instance.

   In SSPM, complete the following steps to enable SSPM to connect to your Sumo Logic instance.

   1. Log in to Strata Cloud Manager.
   2. Select ConfigurationSaaS SecurityPosture SecurityApplicationsAdd Application and click the Sumo Logic tile.
   3. On the Posture Security tab, Add New instance.
   4. Log in with Credentials.
   5. Enter the credentials for your access key (Access ID and Access Key) and the endpoint region.
   6. Connect.